Ticket #7768: 7768.diff
File 7768.diff, 2.3 KB (added by , 16 years ago) |
---|
-
wp-admin/includes/post.php
342 342 343 343 $protected = array( '_wp_attached_file', '_wp_attachment_metadata', '_wp_old_slug', '_wp_page_template' ); 344 344 345 $metakeyselect = $wpdb->escape( stripslashes( trim( $_POST['metakeyselect'] ) ) ); 346 $metakeyinput = $wpdb->escape( stripslashes( trim( $_POST['metakeyinput'] ) ) ); 347 $metavalue = maybe_serialize( stripslashes( (trim( $_POST['metavalue'] ) ) )); 348 $metavalue = $wpdb->escape( $metavalue ); 345 $metakeyselect = stripslashes( trim( $_POST['metakeyselect'] ) ); 346 $metakeyinput = stripslashes( trim( $_POST['metakeyinput'] ) ); 347 $metavalue = maybe_serialize( stripslashes( trim( $_POST['metavalue'] ) ) ); 349 348 350 349 if ( ('0' === $metavalue || !empty ( $metavalue ) ) && ((('#NONE#' != $metakeyselect) && !empty ( $metakeyselect) ) || !empty ( $metakeyinput) ) ) { 351 350 // We have a key/value pair. If both the select and the … … 362 361 363 362 wp_cache_delete($post_ID, 'post_meta'); 364 363 365 $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->postmeta 366 (post_id,meta_key,meta_value ) VALUES (%s, %s, %s)", 367 $post_ID, $metakey, $metavalue) ); 364 $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->postmeta (post_id,meta_key,meta_value ) VALUES (%s, %s, %s)", $post_ID, $metakey, $metavalue) ); 368 365 return $wpdb->insert_id; 369 366 } 370 367 return false; -
wp-includes/post.php
519 519 520 520 // expected_slashed ($meta_key) 521 521 $meta_key = stripslashes($meta_key); 522 $meta_value = stripslashes($meta_value); 522 523 523 524 if ( $unique && $wpdb->get_var( $wpdb->prepare( "SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = %s AND post_id = %d", $meta_key, $post_id ) ) ) 524 525 return false; … … 631 632 632 633 // expected_slashed ($meta_key) 633 634 $meta_key = stripslashes($meta_key); 635 $meta_value = stripslashes($meta_value); 634 636 635 637 if ( ! $wpdb->get_var( $wpdb->prepare( "SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = %s AND post_id = %d", $meta_key, $post_id ) ) ) { 636 638 return add_post_meta($post_id, $meta_key, $meta_value);